taota1

taota1's Stars

• Darkfi5/FFuzzApi

  Assist security researchers in identifying threats

  111

• wy876/POC

  收集整理漏洞EXP/POC,大部分漏洞来源网络，目前收集整理了1000多个poc/exp，长期更新。

  3.4k718

• whwlsfb/Log4j2Scan

  Log4j2 RCE Passive Scanner plugin for BurpSuite

  Language:Java75490

• a1phaboy/FastjsonScan

  Fastjson扫描器，可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency

  Language:Go96594

• StarCrossPortal/swallow

  代码审计自动化系统,底层架构为蜻蜓编排系统,墨菲SCA,fortify,SemGrep,hema

  Language:PHP16329

• 78778443/swallow

  代码审计自动化系统,底层架构为蜻蜓编排系统,墨菲SCA,fortify,SemGrep,hema

  Language:PHP242

• 6h4ack/BurpFinder500

  Extension for burp developed to store 500 errors during an analysis.

  Language:Python2

• 0x727/BypassPro

  对权限绕过自动化bypass的burpsuite插件

  Language:Java80846

• lemonlove7/dirsearch_bypass403

  目录扫描+JS文件中提取URL和子域+403状态绕过+指纹识别

  Language:Python70158

• shmilylty/netspy

  netspy是一款快速探测内网可达网段工具（深信服深蓝实验室天威战队强力驱动）

  Language:Go1.9k206

• knownsec/ksubdomain

  无状态子域名爆破工具

  Language:Go2.2k276

• 4auvar/VulnNodeApp

  A vulnerable node.js application

  Language:JavaScript3775

• robertdavidgraham/masscan

  TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

  Language:C23.3k3k

• 13exp/SpringBoot-Scan-GUI

  Language:Python53359

• eeeeeeeeee-code/e0e1-wx

  微信小程序辅助渗透-自动化

  Language:Python781132

• shuanx/BurpFingerPrint

  BurpSuite插件集成Ehole指纹库并进行常见OA弱口令爆破插件

  Language:Java48527

• R4gd0ll/I-Wanna-Get-All

  OA漏洞利用工具

  95376

• cckuailong/spring-cloud-function-SpEL-RCE

  spring-cloud-function SpEL RCE, Vultarget & Poc

  Language:Java13341

• charonlight/SpringExploitGUI

  一款Spring综合漏洞的利用工具，工具支持多个Spring相关漏洞的检测以及利用

  21110

• zan8in/afrog

  A Security Tool for Bug Bounty, Pentest and Red Teaming.

  Language:Go3.4k377

• Fuzion24/JustTrustMe

  An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning

  Language:Java4.8k782

• errors11/TomcatVuln

  Tomcat漏洞利用工具

  Language:Java17312

• NHPT/Xray_Cracked

  Update Xray1.9.11 Cracked for Windows,Linux and Mac OS.

  43559

• JaveleyQAQ/WeChatOpenDevTools-Python

  WeChatOpenDevTool 微信小程序强制开启开发者工具

  Language:Python1.8k513

• Aabyss-Team/ARL

  ARL官方仓库备份项目：ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

  Language:Python943519

• charonlight/NacosExploitGUI

  Nacos漏洞综合利用GUI工具，集成了默认口令漏洞、SQL注入漏洞、身份认证绕过漏洞、反序列化漏洞的检测及其利用

  Language:Java87866

• f0ng/autoDecoder

  Burp插件，根据自定义来达到对数据包的处理（适用于加解密、爆破等），类似mitmproxy，不同点在于经过了burp中转，在自动加解密的基础上，不影响APP、网站加解密正常逻辑等。

  Language:Java87668

• xu-xiang/awesome-security-vul-llm

  本项目通过大模型联动爬虫，检索Github上所有存有有价值漏洞信息与漏洞POC或规则信息的项目，并自动识别项目的目录结构、Readme信息后进行总结分析并分类，所汇总的项目可以帮助安全行业从业者收集漏洞信息、POC信息、规则等。

  6810

• 0xKayala/NucleiScanner

  NucleiScanner is a Powerful Automation tool for detecting Unknown Vulnerabilities in the Web Applications

  Language:Shell29434

• gh0stkey/CaA

  CaA - Collector and Analyzer, Insight into information, exploring with intelligence in a thousand ways.

  Language:Java77351